I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.

Open up the capture in Wireshark, right click on the first packet and select Follow TCP stream. In the drop down, select the second option, (181875 bytes), save that as a file named "output" If you're on Linux, type: file output to find out what kind of file it is and go from there.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.

Thanks for the hint... time to investigate further.

Oh and i loved the scan of the month challenges.

Open up the capture in Wireshark, right click on the first packet and select Follow TCP stream. In the drop down, select the second option, (181875 bytes), save that as a file named "output" If you're on Linux, type: file output to find out what kind of file it is and go from there.